KeyStoreTrustManager¶
-
public class
KeyStoreTrustManager
extends KeyStoreComponent implements X509TrustManager¶ This class implements the javax.net.ssl.X509TrustManager, which trusts a Certificate Chain if any of the certificate in the certificate chain is stored in the KeyStore.
Author: Bob P. Y. Koon
Constructors¶
KeyStoreTrustManager¶
-
public
KeyStoreTrustManager
(KeyStoreManager keyman)¶ Creates a new instance of KeyStoreTrustManger.
Parameters: - keyman – the trusted key store manager.
Throws: - KeyStoreManagementException – if the specified key store manager is null.
Methods¶
checkClientTrusted¶
-
public void
checkClientTrusted
(X509Certificate[] chain, String authType)¶ Checks if the client is trusted. It trusts the certificate chain if the embeded key store contains one of the certificate in the chain.
Parameters: - chain – the peer certificate chain.
- authType – the key exchange algorithm used.
Throws: - IllegalArgumentException – if null or zero-length chain is passed in for the chain parameter or if null or zero-length string is passed in for the authType parameter.
- CertificateException – if the certificate chain is not trusted by this TrustManager.
checkServerTrusted¶
-
public void
checkServerTrusted
(X509Certificate[] chain, String authType)¶ Checks if the server is trusted. It trusts the certificate chain if the embeded key store contains one of the certificate in the chain.
Parameters: - chain – the peer certificate chain.
- authType – the key exchange algorithm used.
Throws: - IllegalArgumentException – if null or zero-length chain is passed in for the chain parameter or if null or zero-length string is passed in for the authType parameter.
- CertificateException – if the certificate chain is not trusted by this TrustManager.
getAcceptedIssuers¶
-
public X509Certificate[]
getAcceptedIssuers
()¶ Returns an array of certificate authority certificates which are stored in the embeded key store.
Returns: a non-null (possibly empty) array of acceptable CA issuer certificates.